2024-11-22
:
An issue in Android’s Health Connect app (CVE-2024-0052) allows unauthorized access to exercise route data. This happens because a permission check is missing, potentially revealing users’ exercise routines to malicious applications.
Vulnerability Details:
Platform: Android
Version: Not specified (all versions before March 2024 security patch)
Vulnerability: Local Information Disclosure (exercise route data)
Severity: High
Date: March 11, 2024 (published), November 21, 2024 (last modified)
What Undercode Says:
This vulnerability exposes users’ exercise routines without requiring any additional privileges or user interaction. It’s crucial to install the latest security patch (March 5, 2024) to address this issue.
Note: This rewrite omits technical details like CVSS scores and references not directly related to the vulnerability itself.
References:
Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help